<?php
ob_start();
session_start();
include_once  ("connect.php");
echo "<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";

 
    if($_POST['username'] != "")
    {
		$strSQL2 = "SELECT * FROM employee where emp_nameEng = '" . trim($_POST['username']) . "' and status = 'N' ";
		$objQuery2 = mysql_query($strSQL2);
		$Num_Rows = mysql_num_rows($objQuery2);
		if($Num_Rows > 0){
        echo "  <script language='javascript'>
                    alert('รหัสนี้ถูกระงับ โปรดติดต่อแผนก IT');
                    window.location='index.php';
                    </script>
            ";
        exit();
		}
    }

$strSQL = "SELECT * FROM userlog INNER JOIN depart ON userlog.departid = depart.departid WHERE userlog = '" . trim($_POST['username']) . "' and passlog = '" . trim($_POST['password']) . "'";
$objQuery = mysql_query($strSQL);
$objResult = mysql_fetch_array($objQuery);
if (!$objResult) {
    echo "	<script language='javascript'>
					alert('ไม่ได้สามารถเข้าได้');
					window.location='index.php';
					</script>
	  ";
} else {

    $_SESSION["id_member"] = $objResult["id_member"];
	$_SESSION["departid"] = $objResult["departid"];
	$_SESSION["departname"] = $objResult["departname"];
	$_SESSION["admin"] = $objResult["userlog"];
    session_write_close();

    if ($objResult["userlog"] == "admin1") {
		
        header("location:admin/home.php");
    } else {
		
        header("location:user/home.php");
    }
}
mysql_close();
?>